tjh.dev / nixpkgs
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / nixos / tests / anubis.nix
at devShellTools-shell 119 lines 4.3 kB view raw
1{ lib, ... }: 2{ 3 name = "anubis"; 4 meta.maintainers = with lib.maintainers; [ 5 soopyc 6 nullcube 7 ryand56 8 ]; 9 10 nodes.machine = 11 { config, pkgs, ... }: 12 { 13 services.anubis = { 14 defaultOptions.settings = { 15 DIFFICULTY = 3; 16 USER_DEFINED_DEFAULT = true; 17 }; 18 instances = { 19 "".settings = { 20 TARGET = "http://localhost:8080"; 21 DIFFICULTY = 5; 22 USER_DEFINED_INSTANCE = true; 23 }; 24 25 "tcp" = { 26 user = "anubis-tcp"; 27 group = "anubis-tcp"; 28 settings = { 29 TARGET = "http://localhost:8080"; 30 BIND = ":9000"; 31 BIND_NETWORK = "tcp"; 32 METRICS_BIND = ":9001"; 33 METRICS_BIND_NETWORK = "tcp"; 34 }; 35 }; 36 37 "unix-upstream" = { 38 group = "nginx"; 39 settings.TARGET = "unix:///run/nginx/nginx.sock"; 40 }; 41 }; 42 }; 43 44 # support 45 users.users.nginx.extraGroups = [ config.users.groups.anubis.name ]; 46 services.nginx = { 47 enable = true; 48 recommendedProxySettings = true; 49 virtualHosts."basic.localhost".locations = { 50 "/".proxyPass = "http://unix:${config.services.anubis.instances."".settings.BIND}"; 51 "/metrics".proxyPass = "http://unix:${config.services.anubis.instances."".settings.METRICS_BIND}"; 52 }; 53 54 virtualHosts."tcp.localhost".locations = { 55 "/".proxyPass = "http://localhost:9000"; 56 "/metrics".proxyPass = "http://localhost:9001"; 57 }; 58 59 virtualHosts."unix.localhost".locations = { 60 "/".proxyPass = "http://unix:${config.services.anubis.instances.unix-upstream.settings.BIND}"; 61 }; 62 63 # emulate an upstream with nginx, listening on tcp and unix sockets. 64 virtualHosts."upstream.localhost" = { 65 default = true; # make nginx match this vhost for `localhost` 66 listen = [ 67 { addr = "unix:/run/nginx/nginx.sock"; } 68 { 69 addr = "localhost"; 70 port = 8080; 71 } 72 ]; 73 locations."/" = { 74 tryFiles = "$uri $uri/index.html =404"; 75 root = pkgs.runCommand "anubis-test-upstream" { } '' 76 mkdir $out 77 echo "it works" >> $out/index.html 78 ''; 79 }; 80 }; 81 }; 82 }; 83 84 testScript = '' 85 for unit in ["nginx", "anubis", "anubis-tcp", "anubis-unix-upstream"]: 86 machine.wait_for_unit(unit + ".service") 87 88 for port in [9000, 9001]: 89 machine.wait_for_open_port(port) 90 91 for instance in ["anubis", "anubis-unix-upstream"]: 92 machine.wait_for_open_unix_socket(f"/run/anubis/{instance}.sock") 93 machine.wait_for_open_unix_socket(f"/run/anubis/{instance}-metrics.sock") 94 95 # Default unix socket mode 96 machine.succeed('curl -f http://basic.localhost | grep "it works"') 97 machine.succeed('curl -f http://basic.localhost -H "User-Agent: Mozilla" | grep anubis') 98 machine.succeed('curl -f http://basic.localhost/metrics | grep anubis_challenges_issued') 99 100 # TCP mode 101 machine.succeed('curl -f http://tcp.localhost -H "User-Agent: Mozilla" | grep anubis') 102 machine.succeed('curl -f http://tcp.localhost/metrics | grep anubis_challenges_issued') 103 104 # Upstream is a unix socket mode 105 machine.succeed('curl -f http://unix.localhost/index.html | grep "it works"') 106 107 # Default user-defined environment variables 108 machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_DEFAULT"') 109 machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_DEFAULT"') 110 111 # Instance-specific user-specified environment variables 112 machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_INSTANCE"') 113 machine.fail('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_INSTANCE"') 114 115 # Make sure defaults don't overwrite themselves 116 machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "DIFFICULTY=5"') 117 machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "DIFFICULTY=3"') 118 ''; 119}